package com.example.securitytest.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class IndexController {
    @GetMapping("/index")
    // @PreAuthorize("hasAuthority('test')")
    // @PreAuthorize("hasAuthority('system:test:list')")
    /**
     * hasRole会加一个默认的前缀，ROLE_，然后与UserDetail中的权限相比较
     */
    @PreAuthorize("hasRole('system:dept:list')")
    public String index() {
        return "Hello World ~";
    }
}
